<?php

namespace Leantime\Domain\Users\Controllers;

use Leantime\Core\Controller\Controller;
use Leantime\Core\Controller\Frontcontroller;
use Leantime\Domain\Auth\Models\Roles;
use Leantime\Domain\Auth\Services\Auth;
use Leantime\Domain\Users\Services\Users;

class DelUser extends Controller
{
    private Users $userService;

    /**
     * init - initialize private variables
     */
    public function init(Users $userService)
    {
        $this->userService = $userService;
    }

    /**
     * run - display template and edit data
     */
    public function run()
    {

        Auth::authOrRedirect([Roles::$owner, Roles::$admin], true);

        // Only Admins
        if (isset($_GET['id']) === true) {
            $id = (int) ($_GET['id']);

            $user = $this->userService->getUser($id);

            // Delete User
            if (isset($_POST['del']) === true) {
                if (isset($_POST[session('formTokenName')]) && $_POST[session('formTokenName')] == session('formTokenValue')) {
                    $this->userService->deleteUser($id);

                    $this->tpl->setNotification($this->language->__('notifications.user_deleted'), 'success', 'user_deleted');

                    return Frontcontroller::redirect(BASE_URL.'/users/showAll');
                } else {
                    $this->tpl->setNotification($this->language->__('notification.form_token_incorrect'), 'error');
                }
            }

            // Sensitive Form, generate form tokens
            $permitted_chars = '0123456789abcdefghijklmnopqrstuvwxyz';
            session(['formTokenName' => substr(str_shuffle($permitted_chars), 0, 32)]);
            session(['formTokenValue' => substr(str_shuffle($permitted_chars), 0, 32)]);

            // Assign variables
            $this->tpl->assign('user', $user);

            return $this->tpl->display('users.delUser');
        } else {
            return $this->tpl->display('errors.error403');
        }
    }
}
